<?php
class usermanager extends MySQL_Connector {
	private $rangs;
	public $log;

	public function __construct() {
		parent::__construct();
		$this->log = new log();
		$this->rangs = general::get_rangs();
	}

	public function get_user_in_table_by_rang($attr_table, $attr_header_row, $where) {
		$sql = "SELECT id, username, state, rang FROM user ".$where;

		if ($stmt = $this -> con -> prepare($sql)) {
			$stmt -> execute();
			$stmt -> bind_result($user_id, $username, $state, $rang);

			$bool = TRUE;

			echo "<table " . $attr_table . ">
				  <tr " . $attr_header_row . ">
				      <td>Benutzername</td><td>Status</td><td>Rang</td><td>Optionen</td>
				  </tr>";

			while ($stmt -> fetch()) {
				$state_icon = $this -> get_state_icon($state);
				$delete_icon = $this -> get_delete_icon($username, $user_id);
				$state_action_icon = $this -> get_action_state_icon($state, $username, $user_id);
				$edit_name_action_icon = $this->get_edit_name_icon($user_id);
				$disabled = "";
				if($_SESSION['rang'] == "Administrator")
				{
					if($username == $_SESSION["bn"])
					{
						$disabled = " disabled";
					}
					$output_rang = "<form id=\"change_".$user_id."\" action=\"index.php?page=user\" method=\"post\"><input type=\"hidden\" name=\"id\" value=\"".$user_id."\" /><select name=\"change_rang\" ".$disabled.">";
					$output_rang .= "<option value=\"".$rang."\">".$rang."</option>";
					foreach($this->rangs as $key => $value) {
						if($rang != $key)
						{
							$output_rang .= "<option value=\"".$key."\">".$key."</option>";
						}
					}
					$output_rang .= "</select></form>";
				} else {
					$output_rang = $rang;
				}

				if ($bool) {
					$tr_class = "class=\"tr_light\"";
				} else {
					$tr_class = "class=\"tr_dark\"";
				}
				
				if ($username == $_SESSION["bn"]) {
					$tr_class = "class=\"tr_self\"";
				}
				
				if(isset($_GET["action"], $_GET["id"])) {
					if($_GET["action"] == "edit_name" && is_numeric($_GET["id"])) {
						if($user_id == $_GET["id"]) {
							$username = "<form id=\"edit_name\" action=\"index.php?page=user\" method=\"post\"><input type=\"hidden\" name=\"id\" value=\"".$user_id."\" /><input type=\"text\" id=\"username\" name=\"username\" value=\"".$username."\" /> <input type=\"image\" src=\"../img/success.png\" alt=\"Speichern\" width=\"16px\" height=\"16px\" id=\"submit_name\" /></form>";
						}
					}
				}

				echo "<tr " . $tr_class . " valign=\"middle\">
					      <td valign=\"middle\">" . $username . "</td>
					      <td valign=\"middle\">" . $state_icon . "</td>
					      <td valign=\"middle\">" . $output_rang . "</td>
					      <td valign=\"middle\">" . $delete_icon . $state_action_icon . $edit_name_action_icon . "</td>
					  </tr>";

				$bool = !$bool;
			}
			echo "</table>";
		}
	}
	
	public function edit_name() {
		$sql = "SELECT * FROM user WHERE username='" . $_POST["username"] . "'";
		$result = $this -> con -> query($sql);
		if (mysqli_num_rows($result) == 0) {
			$sql = "SELECT * FROM user WHERE id=".$_POST["id"];
			$result = $this -> con -> query($sql);
			$benutzer = mysqli_fetch_assoc($result);
			$sql = "UPDATE user SET username = '".$_POST["username"]."' WHERE id=".$_POST["id"];
			if($this -> con -> query($sql)) {
				if($benutzer["username"] == $_SESSION["bn"]) {
					$_SESSION["bn"] = $_POST["username"];
				}
				$this->log->add_log_entry(new log_entry("Der Name wurde erfolgreich ge&auml;ndert!", "success"));
			} else {
				$this->log->add_log_entry(new log_entry("Der Name konnte nicht ge&auml;ndern werden!", "error"));
			}
		} else {
			$this->log->add_log_entry(new log_entry("Benutzer mit dem Namen \"".$_POST["username"]."\" bereits ".$rang["rang"]."!", "error"));
		}
	}
	
	public function change_state($state, $id)
	{
		if($state == "Administrator" || $state == "Moderator" || $state == "Benutzer")
		{
			$sql = "SELECT rang FROM user WHERE id=".$id;
			$result = $this->con->query($sql);
			if($result)
			{
				$rang = mysqli_fetch_assoc($result);
				if($state != $rang["rang"])
				{
					$sql = "UPDATE user SET rang='".$state."'WHERE id=".$id;
					if($this->con->query($sql))
					{
						$this->log->add_log_entry(new log_entry("Benutzer wurde erfolgreich zum ".$state."!", "success"));
					}
					else
					{
						$this->log->add_log_entry(new log_entry("Benutzer konnte nicht aktiviert werden!", "error"));
					}
				}
				else
				{
					$this->log->add_log_entry(new log_entry("Benutzer ist bereits ".$rang["rang"]."!", "error"));
				}
			}
		}
	}
	
	public function delete_user($id)
	{
		$sql = "SELECT username, state FROM user WHERE id=".$id;
		$result = $this->con->query($sql);
		if($result)
		{
			$user = mysqli_fetch_assoc($result);
			if($this->is_not_self_name($user["username"]))
			{
				$sql = "DELETE FROM user WHERE id=".$id;
				if($this->con->query($sql))
				{
					$this->log->add_log_entry(new log_entry("Benutzer wurde erfolgreich gel&ouml;scht!", "success"));
				}
				else
				{
					$this->log->add_log_entry(new log_entry("Benutzer konnte nicht gel&ouml;scht werden!", "error"));
				}
			}
			else
			{
				$this->log->add_log_entry(new log_entry("Du kannst du nicht selbst gel&ouml;scht!", "error"));
			}
		}
		else
		{
			$this->log->add_log_entry(new log_entry("Benutzer existiert nicht!", "error"));
		}
	}
	
	public function activate_user($id) {
		$sql = "SELECT username, state FROM user WHERE id=".$id;
		$result = $this->con->query($sql);
		if($result)
		{
			$user = mysqli_fetch_assoc($result);
			if($this->is_not_self_name($user["username"]))
			{
				if($user["state"] == 0)
				{
					$sql = "UPDATE user SET state=1 WHERE id=".$id;
					if($this->con->query($sql))
					{
						$this->log->add_log_entry(new log_entry("Benutzer wurde erfolgreich aktiviert!", "success"));
					}
					else
					{
						$this->log->add_log_entry(new log_entry("Benutzer konnte nicht aktiviert werden!", "error"));
					}
				}
				else
				{
					$this->log->add_log_entry(new log_entry("Benutzer ist bereits aktiviert!", "error"));
				}
			}
			else
			{
				$this->log->add_log_entry(new log_entry("Du kannst du nicht selbst aktivieren!", "error"));
			}
		}
		else
		{
			$this->log->add_log_entry(new log_entry("Benutzer existiert nicht!", "error"));
		}
	}
	
	public function deactivate_user($id)
	{
		$sql = "SELECT username, state FROM user WHERE id=".$id;
		$result = $this->con->query($sql);
		if($result)
		{
			$user = mysqli_fetch_assoc($result);
			if($this->is_not_self_name($user["username"]))
			{
				if($user["state"] == 1)
				{
					$sql = "UPDATE user SET state=0 WHERE id=".$id;
					if($this->con->query($sql))
					{
						$this->log->add_log_entry(new log_entry("Benutzer wurde erfolgreich deaktiviert!", "success"));
					}
					else
					{
						$this->log->add_log_entry(new log_entry("Benutzer konnte nicht deaktiviert werden!", "error"));
					}
				}
				else
				{
					$this->log->add_log_entry(new log_entry("Benutzer ist bereits deaktiviert!", "error"));
				}
			}
			else
			{
				$this->log->add_log_entry(new log_entry("Du kannst du nicht selbst deaktivieren!", "error"));
			}
		}
		else
		{
			$this->log->add_log_entry(new log_entry("Benutzer existiert nicht!", "error"));
		}
	}
	
	private function is_not_self_name($username)
	{
		if ($username != $_SESSION["bn"])
		{
			return true;
		}
		return false;
	}

	private function get_state_icon($state) {
		if ($state == 0) {
			return "<img src=\"../img/lock.png\" width=\"16px\" height=\"16px\" />";
		} else {
			return "<img src=\"../img/lock_open.png\" width=\"16px\" height=\"16px\" />";
		}
	}

	private function get_delete_icon($username, $user_id) {
		if (!$this->is_not_self_name($username)) {
			return "";
		} else {
			return "<a href=\"index.php?page=user&action=delete&id=" . $user_id . "\"><img src=\"../img/businessman_delete.png\" width=\"16px\" height=\"16px\" /></a>";
		}
	}
	
	private function get_edit_name_icon($user_id) {
		return "<a href=\"index.php?page=user&action=edit_name&id=" . $user_id . "\"><img src=\"../img/businessman_edit.png\" width=\"16px\" height=\"16px\" /></a>";
	}
	
	private function get_action_state_icon($state, $username, $user_id) {
		if (!$this->is_not_self_name($username))
		{
			return "";
		}
		else
		{
			if($state == 0)
			{
				return "<a href=\"index.php?page=user&action=activate&id=".$user_id."\"><img src=\"../img/lock_open.png\" width=\"16px\" height=\"16px\" /></a>";
			}
			else
			{
				return "<a href=\"index.php?page=user&action=deactivate&id=".$user_id."\"><img src=\"../img/lock.png\" width=\"16px\" height=\"16px\" /></a>";
			}
		}
	}
}
?>